Your personal data is of utmost importance to Desmo Labs SAS and its subsidiaries, branches (hereinafter referred to as “we”, “us”, “our” or “the Company”). We respect and protect the personal data and privacy of users (hereinafter referred to as “you”) registered or using the D/Bond and D/Wallet (hereinafter referred to as the “Platforms”).
We highly value your privacy and the security of your personal data. We are honored that you choose to use our Platform for cryptocurrency, fiat currency, and other data product transactions, as well as for functionalities like identity verification using certificate information. We are committed to ensuring that you can use our website, products, and services, as well as engage in any other business transactions, with peace of mind.
In order to address your concerns, we would like to provide you with clear information regarding the types of personal data we collect, the purposes and uses of such data, the third parties with whom we may share the data, the specific protective measures we have implemented to safeguard your personal data, the rights you possess in relation to the aforementioned situations, and the party you can contact for assistance in resolving data protection issues.
Our products and services are not intended for children. If you are under 16 years of age, please do not use or register on the Platform, and do not provide us with any personal data. If you have reason to believe that a child under the age of 16 has provided personal data to us through the Platform, please contact us promptly. Upon verifying the identity data, we will delete the personal data of the child from our Platform.
We encourage parents or legal guardians to monitor their children’s use of the internet. We remind all parents and legal guardians who supervise and care for children to take necessary precautions to ensure that their children are not instructed to submit personal data on online platforms without parental or legal guardian consent.3. Data Controllers and Data Processors
Our role may vary as Data Controllers or Data Processors of personal data depending on the specific circumstances involving personal data. Regarding the data processing activities related to digital signatures involving you and the feedback from third-party service providers regarding whether users comply with registration requirements, as well as the data processing activities we perform during the encryption and authentication processes for the data provided by you through the Platform, we act as data controllers, and we will comply with the obligations of Data Controllers as stipulated in the GDPR. After your personal information is authenticated by a third party, we will encrypt the personal data provided by you and generate a personal data document stored on your local device. We do not possess, control, or determine such personal data. Such personal data will be processed solely based on your instructions, and you have the autonomy to decide on data sharing and other data processing activities. In this case, as a user providing personal data, you should be considered the Data Controller and authorize us to process such personal data in accordance with the predefined service functionalities and purposes of the Platform.4. Personal Data Collected by the Platform
In order for you to use our platform or to fulfill legal obligations, the Platform may (but not necessarily) need to collect and use the following personal data. The scope of personal data you provide will vary based on the voluntary submission of authentication certificate or other relevant information:(1) Personal Data You Provide To The D/wallet
When you register and connect your wallet account to our website/App, we collect your wallet address and data related to the integrations you choose.
Data related to the transactions you perform on our website/App, such as sender’s name, recipient’s name, amount, currency preference, payment method, date, etc.
We may analyze public blockchain data, including timestamps of transactions or events, transaction IDs, digital signatures, transaction amounts, and wallet addresses, which may involve your personal data.
App, Browser, And Device Data
Data related to the device, Operating System, and Browser you are using, as well as other device features or identifiers (such as plugins, connected networks), and IP address.
Digital Signatures, Public Key, Private Key
Digital Signatures: You can use your own private key to encrypt the data you want to send and generate a digital signature. This digital signature is unique and has characteristics that can be verified by a public key paired with the private key you hold.。
Public Key: The public key is a set of digital strings generated from a key pair consisting of a public key and a private key. The public key is part of asymmetric encryption algorithms used for encrypting data and verifying digital signatures.
Private Key: A private key is a crucial component of asymmetric encryption algorithms, which, when paired with a public key, forms a key pair. The private key is a confidential string that only you should know.
Product Usage Data
Activity data: Data pertaining to the content you view or click on when accessing our website and App, as well as how you utilize our services.
Diagnostic and Troubleshooting Data: Data regarding how our services perform during your usage, including diagnostic and performance-related data associated with the services. This data may include timestamps, crash data, website performance logs, and error messages or reports.
Data From Cookies and Similar Technologies
Customer Basic Data (Collected By Third-Party KYC Company)
First Name, Family Name, ID, Date of Birth, Address, Sex, Nationality, Email, Etc.
Electronic Identification (EIDV) (Collected by the third party KYC Company)
Biometric information generated based on the photos or videos you provide for the purpose of identity verification.
(Collected by third party KYC Company)
Certificate (E.G., Passport Or Other Identification Documents) Number, Certificate Type, Issuer, Issued Date, Expiration Date, Etc.
Data On Whether Users Meet Platform Registration Requirements
Third party service providers analyze users’ personal data (KYC) and provide feedback to us on whether the user meets the platform's registration requirements.
We always process your personal data based on the legal grounds provided by the GDPR (such as Article 6 and Article 7). We may collect and process your personal data for the following purposes:
(1) Providing you with encryption and authentication services, creating and maintaining your digital signatures, public keys, and private keys, and related personal data.
(2) Verifying compliance with registration requirements.
(3) Hosting and maintaining your digital wallets, including your electronic currency wallets and digital currency wallets.
(4) Providing investment, payment, asset listing, and account management services to you, investors, and institutions.
(5) Process your personal data as a Data P+rocessor in accordance with your instructions to fulfill system functionalities.
(6) Sending you notifications related to the management and accounts of our services, including security updates and transaction-related data.
(7) Investigating suspicious activities, detecting, preventing, and combating illegal behavior, detecting fraudulent activities, and maintaining the security of our services.
If the Platform intends to share or authorize access to your personal data with third parties for purposes other than those mentioned above, we will obtain your consent in advance, and you can choose to refuse the provision of your personal data to third parties.9. Cross-Border Data Transfers
The Platform generally processes your personal data within the European Union and the European Economic Area. However, the Platform may also process your personal data in countries/regions outside your home country but within the European Union or the European Economic Area. Additionally, once you receive the Platform’s authenticated personal data, you have the right to authorize third parties located outside the European Union or the European Economic Area to access your personal data. In such cases, where third parties outside the European Union or the European Economic Area may access your personal data, as the data controller, you need to adopt appropriate data transfer mechanisms in accordance with the relevant provisions of the GDPR.10. Data Subject Rights Protection
Depending on your place of residence and specific Platform usage scenarios, you have the following rights regarding your personal data:
To exercise the aforementioned rights, you can contact us by sending an email to email@example.com. Please note that for such requests, we may require you to provide additional identity data to ensure effective verification of your identity. Unless we are able to verify your identity or confirm your authority to make such requests, as well as establish the relevance of the personal data to you, we will be unable to respond to your request or provide you with personal data.
Please note that upon receiving the platform-authenticated personal data from us, as we do not have access to your personal data, you will act as the data controller for any subsequent data processing activities. To exercise your rights as a data subject, such as the right to access and rectify, you will need to access and copy the data through the platform. For rights such as the right to erasure, objection, or withdrawal of consent, you may need to uninstall any browser plugins installed and clear relevant data, adjust device settings, or take other appropriate measures. We will make every effort to protect the security of your personal data.11. Protection Measures for Personal Data
Data security is of utmost importance to us, and we are committed to protecting the data we collect. We employ comprehensive administrative, technical, and physical measures to safeguard your personal data from accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use.
For instance, we implement the following, but not limited to, technical and organizational measures: